URI.AllowedSchemes

TYPE: lookup

--DEFAULT--

array (

  'http' => true,

  'https' => true,

  'mailto' => true,

  'ftp' => true,

  'nntp' => true,

  'news' => true,

  'tel' => true,

)

--DESCRIPTION--

Whitelist that defines the schemes that a URI is allowed to have.  This

prevents XSS attacks from using pseudo-schemes like javascript or mocha.

There is also support for the <code>data</code> and <code>file</code>

URI schemes, but they are not enabled by default.

--# vim: et sw=4 sts=4

